Block Program Backdoors/Privacy Violations. + RELATED EX: Use Audacity? Your Data May Now Be Shared

Take a look at your Desktop and/or interface. Be it MATE (desktop/laptop), Phosh (Pinephone/Librem), or KDE. We use several buttons/shortcuts to programs everyday.

Some of these programs need the internet.

Some do not.

Have you minimized access to programs which do not need the internet?

Did you know some programs secretly “call home” and share data/your ip address with 3rd parties (sometimes this data is sold)?

The most ideal setup is restricted where possible, but not to the point where a given setup becomes unusable.

Here we are going to use a Hot Off the Press News example to demonstrate how to restrict networking only to those programs requiring it (such as web browsers, encrypted messengers, etc).

Other applications like a Media player, GIMP (image manipulation), and Libre Office do NOT need ANY networking for full functionality. A compromised update to any given program can cause it to act outside the scope of its description (including reverse shells, collecting data/sending and more bad ideas).

So why do we allow it?

Because this is default behavior.

We can change that.

We can go through and edit each shortcut to EASILY block network access for every single shortcut/button for programs who do not require internet access.

This can block/prevent not only personal data sales (by program creators/developers), even potential backdoors (such as a reverse shell or other example) from communicating.

This is really important.

I want you to go through every single shortcut and decide if it needs the internet or not. Don’t worry, you can always change it back later if it harms functionality. But for the programs unaffected, this will prevent your personal data from leaving via their execution.

Next we are going to look at a real world example with this exact potential issue.

I then want you to go through each and every shortcut and decide/edit it to block access to those where it is not necessary for a program to reach the internet.

EXAMPLE USING LINUX CURRENT EVENTS

(This example is a real/current problem, follow/fix this):

Do you minimize network access only to programs which need it to function?

I have to admit, I like using Audacity.

Those subscribed to my channels might remember my video “Your Computer Speakers Can Act As Remote Listening Devices.” There I tuned into frequencies coming from my laptop, discovered my speakers were acting as a remotely transmitting microphone anytime I had sound playing from my laptop speakers (I was able to demonstrate this 15 feet away: with a more sensitive device, through walls would not be hard to imageine [see: rf retro reflecting]).

After which, I demonstrated how to remove the static from the radio signal recordings using Audacity.

See that video here:

And YT Mirror Is Here:https://www.youtube.com/embed/bK-CcnfP_ws

To anyone who has been paying attention lately, the highly popular audio editor, Audacity was recently acquired by a private company (Muse).

What this means for the long term future of Audacity, is still somewhat unknown…

Although we are starting to feel some abrasions.

Not long ago a new data google collection/analytics announcement was snuck into Audacity under this new ownership. The outcry was far reaching: https://www.msn.com/en-us/money/other/audacity-reverses-course-on-plans-to-add-opt-in-telemetry-after-outcry/ar-BB1gOOlS

After much rebuttal, this plan was scrapped.

However, there is a new equally concerning Audacity Privacy Policy.

In this new Privacy Policy there are clear implications for users and data collection.

“”Why we collect it Personal Data we collect Legal grounds for processing

• App analytics
• Improving our App• OS version
• User country based on IP address
• OS name and version
• CPU
• Non-fatal error codes and messages (i.e. project failed to open)
• Crash reports in Breakpad MiniDump format• Legitimate interest of WSM Group to offer and ensure the proper functioning of the App• For legal enforcement• Data necessary for law enforcement, litigation and authorities’ requests (if any)• Legitimate interest of WSM Group to defend its legal rights and interests


  1. Minors
    1. The App we provide is not intended for individuals below the age of 13. If you are under 13 years old, please do not use the App.
  2. Who does Audacity share your Personal Data with?
    1. We may disclose the Personal Data listed above (your hashed IP address) to the following categories of recipients:
      1. to our staff members. We take precautions to allow access to Personal Data only to those staff members who have a legitimate business need for access and with a contractual prohibition of using the Personal Data for any other purpose.
      2. to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, or (ii) to exercise, establish or defend our legal rights;
      3. to our auditors, advisors, legal representatives and similar agents in connection with the advisory services they provide to us for legitimate business purposes and under contractual prohibition of using the Personal Data for any other purpose.
      4. to a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your Personal Data only for the purposes disclosed in this Notice;
      5. to any other person if you have provided your prior consent to the disclosure.””

FIXES FOR RUNNING PROGRAMS WITH UNKNOWN NETWORK CONTACT (ASSUMING SAFE OTHERWISE):

NOTE: Just because I use Audacity in this example, doesn’t meant the best solution is one of the A-G options. Audacity is used in the example.

It usually it is better to wait for a trusted fork– still, if unsure what is existing inside Audacity code– it never hurts to restrict using these options.

Keep in mind these are meant to be options for all potential programs which do not need network access to function.

There are tools to remedy data collection. One such tool is Firejail.

If you love Audacity and aren’t ready to give it up, there are a few options for you.

You could:

A.) hold back Audacity updates in your package manager (or wait for a fork)

Or

B.) use Firejail to restrict Audacity’s access to the internet, which will completely cut off it’s ability to share your personal data.

Use this command to open Audacity while restricting networking:

firejail –net=none audacity

(You can also optionally use –private to further compartmentalize the program)

C.) Use Bubblewrap as an alternative to Firejail sandboxing

D.) Run Audacity inside a Whonix jail or a virtual machine with network restrictioned.

E.) Torify Audacity (or use under other non direct connection- sudo not suggested unless you trust software)

F.) Firewall it (iptables/nftables)

G.) Flatpak disable net

sudo flatpak override --unshare=network org.audacityteam.Audacity

Example Command (NOTE: this is an example- sudo should not be used w/programs considered untrusted):

torify audacity

SHORTCUT EDITING:

Now replace the exec= line on all shortcuts for your devices. Be it: Linux Laptop or Pinephone or Pinebook or Pinetab, or otherwise.

If you have a Pinephone or other .desktop Linux shortcut, this means editing the:

Exec=

line inside that .desktop file.

Example line:

Exec=firejail --net=none --private audacity

Your shortcut files may be found in .local or at /usr/share/applications.

Example Shortcut/Button directory location (each application has its own .desktop file):

/usr/share/applications/

Or:

~/.local/share/applications

You can use this same option (firejail –net=none) for ALL apps on your system which do not require networking to protect yourself from needless data collection/backdoor communication.

Now go through all your other programs and their corresponding shortcuts .desktop files. Block internet access to ALL programs which do not need the internet to prevent them from sending your data, or worse yet, communicating via backdoor.

Thank You For Sharing Any Posts You Find Helpful/Useful/Interesting

FOLLOW ME:

Twitter Fosstodon

VIDEO CHANNELS/MIRRORS:

Youtube Odysee Bitchute Peertube

SUPPORT/DONATION OPTIONS:

CASHAPP: $HumanRightsTech
BMAC: https://www.buymeacoffee.com/politictech/
BTC: 3QDdTcLwLTPXKMBp5dLUhKJG6KbDxWsYWS

Relevant Links:

Audacity Audio Editor: https://www.audacityteam.org

Firejail: https://firejail.wordpress.com/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s